[clug] CA Cert problem

Robert Edwards bob at cs.anu.edu.au
Mon Aug 18 06:48:43 GMT 2008

An update on my last post,

Many thanks to the other two assurers who have now assured my, although
I hadn't realised that my points max out at 100, so three assurers were

It turns out that it looks like CA Cert check that the email address of
the domain registrant matches the CA Cert email address of the person
requesting the domain (sensible, but not easy to find information).

In this case, I registered a new domain (through register4less, who
sponsor UserFriendly). All took place in minutes and cost a measly

Then I was able to "register" that domain with CA Cert against my
account and then create a server certificate (which works!).

So, a successful conclusion to my first foray into the world of CA Cert.

Thanks to all who responded.


Bob Edwards.

Daniel Black wrote:
> On Fri, 8 Aug 2008 12:30:43 pm Robert Edwards wrote:
>> So I have 70 points with CA Cert so far (seems that two of the four
>> assurers at CLUG last month have been assured that I am who I claim
>> to be and the other two are not so sure - should I have given them
>> access to so much of my private identity data if they are not actually
>> intending to give me the assurance points...?).
> I'm sorry it turned out this way. If anyone has a similar experience contact 
> me off list ( though I may not get back to you this week).
> Please, to the remaining two assurers, all but one person I assured on that 
> night has been registered with the correct details they presented to me.
>> Many thanks to the 
>> two who have assured me so far.
> np on behalf of those two.
>> Anyway, I am trying to generate a server certificate for my home
>> web server, which previously had a (now expired) self-signed cert.
>> When I attempt to register the domain, CA Cert tells me:
>> "The domain '2hgt.svana.org' is already in the system and is listed
>> as valid. Can't continue."
> I sneakly tries to take the domain svana.org and it presents an option 
> sjh at wibble.net is potentially in change of this domain (from whois). Did he 
> (not?) assure you?
> You probably because 2hgt.svana.org is a subdomain of a registered domain this 
> prevents it from being registered. Make sense? After all we don't want people 
> registering netbanking.anz.com (which would be hard until dns spoofing 
> techniques came out).
>> If someone else has already registered my domain, can I find out
>> who they are?
> as above.

More information about the linux mailing list